Lootan(kedor) Sql Injection vulnerability

From: arash.setayeshi@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: Lootan(kedor) Sql Injection vulnerability
Date:


Product : Lootan System
vendor : www.kedor.cn
vulnerable versions : RC1 & prior 

example : 
http://example/ly/login.asp?username=[SQL Command]





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.